SHA256: c172fd2835d0a25b3eae040b28dca79f8f96c8516663742ddd2b7428773b2306
File name: Sсreenshot_3.scr
Detection ratio: 28 / 56
Analysis date: 2016-03-30 11:18:13 UTC ( 1 year, 3 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.3124069 20160330
AegisLab Backdoor.Msil.Nanobot!c 20160330
ALYac Trojan.GenericKD.3124069 20160330
Arcabit Trojan.Generic.D2FAB65 20160330
Avast Win32:Malware-gen 20160330
AVG Inject3.AGWR 20160330
Avira (no cloud) TR/Dropper.MSIL.hshr 20160330
AVware Trojan.Win32.Generic!BT 20160330
Baidu Win32.Trojan.WisdomEyes.151026.9950.9997 20160330
BitDefender Trojan.GenericKD.3124069 20160330
DrWeb Trojan.Starter.5939 20160330
Emsisoft Trojan.GenericKD.3124069 (B) 20160330
ESET-NOD32 a variant of Generik.GWUIPMV 20160330
F-Secure Trojan.GenericKD.3124069 20160330
GData Trojan.GenericKD.3124069 20160330
Ikarus Trojan.Dropper 20160330
Kaspersky Backdoor.MSIL.NanoBot.jbc 20160330
Malwarebytes Trojan.Crypt.RV 20160330
McAfee Artemis!FCA73DC665FF 20160330
McAfee-GW-Edition BehavesLike.Win32.Backdoor.gc 20160330
eScan Trojan.GenericKD.3124069 20160330
NANO-Antivirus Trojan.Win32.Starter.ebeyyk 20160330
nProtect Trojan.GenericKD.3124069 20160330
Panda Trj/CI.A 20160329
Qihoo-360 HEUR/QVM06.2.Malware.Gen 20160330
Sophos AV Mal/Generic-S 20160330
Symantec Suspicious.Cloud.9 20160330
VIPRE Trojan.Win32.Generic!BT 20160330
AhnLab-V3 20160330
Alibaba 20160323
Antiy-AVL 20160330
Baidu-International 20160329
Bkav 20160329
CAT-QuickHeal 20160330
ClamAV 20160330
CMC 20160322
Comodo 20160330
Cyren 20160330
F-Prot 20160330
Fortinet 20160330
Jiangmin 20160330
K7AntiVirus 20160330
K7GW 20160330
Kingsoft 20160330
Microsoft 20160330
Rising 20160330
SUPERAntiSpyware 20160330
Tencent 20160330
TheHacker 20160330
TrendMicro 20160330
TrendMicro-HouseCall 20160330
VBA32 20160329
ViRobot 20160330
Yandex 20160316
Zillya 20160329
Zoner 20160330
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright

Original name LVBchpp.exe
Internal name LVBchpp.exe
File version 4.4.464.1658
Description PLcFHbtclKj
Comments oGoYV
Packers identified
F-PROT RAR
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-05-06 12:07:12
Entry Point 0x0001D41B
Number of sections 4
PE sections
Overlays
MD5 470a21f6fd3436eaab806a5372bb088b
File type application/x-rar
Offset 278016
Size 223860
Entropy 8.00
PE imports
RegCreateKeyExW
RegCloseKey
OpenProcessToken
RegSetValueExW
RegOpenKeyExW
SetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
InitCommonControlsEx
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
GetDeviceCaps
CreateDIBSection
DeleteObject
GetObjectW
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
WaitForSingleObject
GetFileAttributesW
SystemTimeToTzSpecificLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
OpenFileMappingW
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetCPInfo
GetStringTypeA
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetOEMCP
GetExitCodeProcess
InitializeCriticalSection
FindClose
InterlockedDecrement
MoveFileW
SetFileAttributesW
SetLastError
GetSystemTime
DeviceIoControl
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
GetModuleFileNameA
SetThreadPriority
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
SetFilePointer
GetFullPathNameW
CreateThread
SetEnvironmentVariableW
MoveFileExW
SetUnhandledExceptionFilter
TzSpecificLocalTimeToSystemTime
TerminateProcess
CreateSemaphoreW
WriteConsoleA
SetCurrentDirectoryW
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
GetNumberFormatW
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetDateFormatW
SetEvent
DeleteFileW
GetProcAddress
CreateFileMappingW
GetTimeFormatW
WriteFile
RemoveDirectoryW
ExpandEnvironmentStringsW
FindNextFileW
CreateDirectoryW
ResetEvent
FindFirstFileW
GetProcessAffinityMask
CreateEventW
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
LCMapStringW
GetShortPathNameW
HeapCreate
GetConsoleCP
LCMapStringA
CompareStringW
GetEnvironmentStringsW
IsDBCSLeadByte
FileTimeToLocalFileTime
GetEnvironmentStrings
GetCurrentDirectoryW
GetCurrentProcessId
SetFileTime
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
RaiseException
ReleaseSemaphore
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GetModuleHandleW
GetLongPathNameW
IsValidCodePage
UnmapViewOfFile
FindResourceW
VirtualFree
Sleep
VirtualAlloc
CreateHardLinkW
VariantInit
SHBrowseForFolderW
SHChangeNotify
SHFileOperationW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetFileInfoW
SHGetMalloc
SHAutoComplete
MapWindowPoints
SetFocus
GetParent
UpdateWindow
EndDialog
LoadBitmapW
SetWindowTextW
DefWindowProcW
GetWindowTextW
GetMessageW
ShowWindow
SetWindowPos
wvsprintfW
GetSystemMetrics
SetWindowLongW
IsWindow
SendMessageW
GetWindowRect
RegisterClassExW
DialogBoxParamW
SendDlgItemMessageW
GetDlgItemTextW
PostMessageW
MessageBoxW
SetDlgItemTextW
GetDC
GetWindowLongW
ReleaseDC
DestroyIcon
TranslateMessage
IsWindowVisible
LoadStringW
GetClientRect
GetDlgItem
GetWindow
OemToCharBuffA
DispatchMessageW
PeekMessageW
GetSysColor
GetClassNameW
CopyRect
WaitForInputIdle
LoadCursorW
LoadIconW
FindWindowExW
CreateWindowExW
EnableWindow
SetForegroundWindow
DestroyWindow
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromString
OleInitialize
OleUninitialize
Number of PE resources by type
RT_STRING 9
RT_DIALOG 6
RT_ICON 3
RT_MANIFEST 1
RT_BITMAP 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 21
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 5.0
Comments oGoYV
LinkerVersion 9.0
ImageVersion 0.0
FileVersionNumber 4.4.464.1658
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 243712
EntryPoint 0x1d41b
OriginalFileName LVBchpp.exe
MIMEType application/octet-stream
FileVersion 4.4.464.1658
TimeStamp 2014:05:06 13:07:12+01:00
FileType Win32 EXE
PEType PE32
InternalName LVBchpp.exe
ProductVersion 4.4.464.1658
FileDescription PLcFHbtclKj
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName ufCuNIYXTf
CodeSize 165376
FileSubtype 0
ProductVersionNumber 4.4.464.1658
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 4.4.464.1658

File identification
MD5 fca73dc665ff51022a7291b76b554809
SHA1 b30b48d69356bd22aa59bf3d62fd4acdede618e2
SHA256 c172fd2835d0a25b3eae040b28dca79f8f96c8516663742ddd2b7428773b2306
ssdeep 12288:5UomEFRu3xEPEpWLLEetVoEPDCGqhEV20k68G0E:XmOMSPEpWb2uDC9EV/ku0E
authentihash f216d70b7e399897862f0fbd42841872b6d0a3cfc7fb717fc7dcdc460d672614
imphash d32519c93924bb24d9874d86c5993ee3
File size 490.1 KB ( 501876 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe overlay

VirusTotal metadata
First submission 2016-03-27 20:20:41 UTC ( 1 year, 4 months ago )
Last submission 2016-05-16 10:52:32 UTC ( 1 year, 2 months ago )
File names LVBchpp.exe
Sсreenshot_3 (1).scr
Sсreenshot_3.scr
S%D1%81reenshot_3.scr
Sreenshot_3.scr
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs
UDP communications